HAL Id: hal-01588490
https://hal.inria.fr/hal-01588490v2
Submitted on 6 Nov 2017
HAL is a multi-disciplinary open access
archive for the deposit and dissemination of sci-
entic research documents, whether they are pub-
lished or not. The documents may come from
teaching and research institutions in France or
abroad, or from public or private research centers.
L’archive ouverte pluridisciplinaire HAL, est
destinée au dépôt et à la diusion de documents
scientiques de niveau recherche, publiés ou non,
émanant des établissements d’enseignement et de
recherche français ou étrangers, des laboratoires
publics ou privés.
Fault-tolerant and Scalable Key Management Protocol
for IoT-based Collaborative Groups
Mohammed Riyadh Abdmeziem, François Charoy
To cite this version:
Mohammed Riyadh Abdmeziem, François Charoy. Fault-tolerant and Scalable Key Management
Protocol for IoT-based Collaborative Groups. SecureComm 2017 : 13th EAI International Conference
on Security and Privacy in Communication Networks, Oct 2017, Niagara falls, Canada. pp.1-20.
�hal-01588490v2�
Fault-tolerant and Scalable Key Management
Protocol for IoT-based Collaborative Groups
Mohammed Riyadh Abdmeziem
?
and François Charoy
Université de Lorraine Inria-CNRS-LORIA,
Nancy, France
{mohammed-riyadh.abdmeziem,francois.charoy}@loria.fr
Abstract.
Securing collaborative applications relies heavily on the un-
derlying group key management protocols. Designing these protocols is
challenging, especially in the context of the Internet of Things (IoT).
Indeed, the presence of heterogeneous and dynamic members within
the collaborative groups usually involves resource constrained entities,
which require energy-aware protocols to manage frequent arrivals and
departures of members. Moreover, both fault tolerance and scalabil-
ity are sought for sensitive and large collaborative groups. To address
these challenges, we propose to enhance our previously proposed proto-
col (i.e. DBGK) with polynomial computations. In fact, our contribution
in this paper, allows additional controllers to be included with no impact
on storage cost regarding constrained members. To assess our protocol
called DsBGK, we conducted extensive simulations. Results conrmed
that DsBGK achieves a better scalability and fault tolerance compared
to DBGK. In addition, energy consumption induced by group key rekey-
ing has been reduced.
Key words:
Collaborative applications, Internet of Things (IoT), Se-
curity, Group key management, Polynomial computation, Contiki.
1 Introduction
With the rise of the Internet of Things (IoT) and its integration in informa-
tion systems, collaborative applications have taken a new dimension. Pervasive
devices and objects are able to perceive our direct environment and act au-
tonomously upon it to help users to reach their goals. Applications ourished
in healthcare, transportation and military environments [4] that combine input
from users and objects to reach goals in a collaborative way. In these domains,
stakeholders would only accept these systems in their environment if they have
strong guarantees on the security, privacy and integrity of the data they pro-
duce and share. The distributed nature of such systems and the requirement for
encryption of data shared among participants lead to one of the most impor-
tant challenges in such evolving environments: the management of cryptographic
group keys [32] [6] [2].
?
Corresponding author
2 M.R. Abdmeziem and F. Charoy
Group key management is challenging in this context. In fact, collaborative
groups involve heterogeneous members with dierent requirements and resources
capabilities [17]. This gap can hinder end-to-end communications. Indeed, con-
strained members with limited processing power and storage space can not run
heavy cryptographic primitives [5]. Moreover, collaborative applications may
present a high rate of leaving and joining members within tight time lapses,
which makes the issue more dicult to handle. The scalability of these systems
needs to be addressed bearing in mind the increasing number of entities taking
part in the collaborative groups. Last, fault tolerance is at utmost importance
especially for critical and sensitive applications (e.g. health related and military
applications) [31].
We address this problematic of designing a secure and ecient protocol to
establish shared group credentials for Peer-to Peer collaborative groups. These
credentials will be used to ensure the required security properties such as data
condentiality, data integrity, and data authentication. The proposed protocol
has to be energy aware allowing an implementation on constrained devices, which
take part in the collaborative process. In addition, the protocol must be scalable,
as well as tolerant to possible failures of the entity in charge of managing the
group key.
To achieve this goal, we rely on our previously proposed group key manage-
ment protocol called DBGK (Decentralized Batch-based Group Key) [3]. This
protocol considers a network topology composed of several sub groups. Each sub
group is managed by an area key management server, while the whole group
is managed by a general group key management server. The established group
key is composed of a long term key and short terms keys (called tickets), which
are dierent for each time interval. Constrained members in terms of resources
(e.g. connected objects) are only involved in the re-keying process if these latter
have recently been active. In addition, keying materials are distributed to joining
members based on their resources capabilities. Experiments showed that DBGK
[3] is energy ecient and outperforms similar existing protocols in the literature.
Although ecient and secure, DBGK relies on key management servers to
maintain the group key. Including additional servers to improve fault tolerance
would impose a high storage overhead on constrained members. This makes
DBGK inappropriate to be directly implemented in sensitive collaborative ap-
plications. In this paper, we propose a distributed extension for DBGK called
DsBGK (Distributed Batch-based Group Key). In this extension, we keep the
core functioning of DBGK, while signicantly distributing the operations which
were based on a central entity. We achieve this by integrating a polynomial
based scheme inspired from [25] and [24]. In addition, we improve the eciency
of the original scheme to suit the constrained IoT environment. We conducted
extensive experiments to assess the performances of DsBGK and compared the
results with DBGK performances. The results showed that DsBGK provides an
enhanced scalability and fault tolerance, as additional key management servers
(controllers) can be included without impacting the storage overhead on con-
strained members. Furthermore, energy cost due to rekeying operations is re-
Fault-tolerant and Scalable Key Management Protocol (DsBGK) 3
duced compared to DBGK, which extends the life cycle of battery powered
entities.
The remaining of the paper is organized as follows. In section 2, we present
a use case scenario to motivate our contribution. In section 3, we discuss, in
detail, existing solutions in the literature. For the sake of clarity, we summarize
in section 4, the required background. In section 5, we present our network model,
along with our assumptions and the used notations. In section 6, we thoroughly
present our approach before introducing and analyzing the experimental results
in section 7. Section 8 concludes the paper and sets our future direction.
2 Use case scenario: Personal Health Record (PHR)
Internet
Internet
shared medical record
Medical team edit the medical
record using smart phone/PC
Patient’s physiological data is
captured through sensors
Fig. 1.
Use case scenario
A personal heath record [33] (Fig. 1) is a typical example of a document that
can be accessed and edited by multiple participants, including medical sensors
attached to patients. This is also an example of a document that contains highly
private and sensitive information. To edit a medical record, some participants
(e.g. medical sta) collaborate using unconstrained devices, such as Personal
Computers (PC) and smartphones. However, sensors planted in or around the
human body are considered as constrained since they have limited computing
power and may operate on battery. These sensors can either communicate their
sensed data to medical sta through the unconstrained entities (e.g. PC, smart-
phones) or directly edit patient's medical record. Medical sta can also control
4 M.R. Abdmeziem and F. Charoy
the sensors (trigger or stop the sensing of a particular physiological data), and
add more sensors to the collaboration. New members can join or leave the col-
laboration around the medical record as the situation of the patient evolves.
The dierent entities collaborate in a distributed way to maintain the medical
record. This latter can be replicated among dierent entities and the modica-
tions can be executed on the dierent replicas, which need to be synchronized.
This is important in order to avoid a single point of failure on the record man-
agement architecture. It is also important to control the entities that have access
and can modify the record over time. This clearly highlights the importance of
securing communications in such a hybrid and heterogeneous group of entities
by eciently managing the security credentials used to provide data authenti-
cation and data condentiality. Personal Health Record (PHR) is a typical case
of collaboration among health-care personal, insurers, caregivers, patients and
sensors to maintain a document that reects the patient status, health history
and treatment. There is an obvious need to provide a decentralized, secure, safe,
privacy preserving and scalable solution to share these documents among people
and sensors (objects).
3 Related work
In this section, we review the main categories under which group key manage-
ment protocols are usually categorized [11] [28], namely, the centralized, the
decentralized, and the distributed categories.
Centralized
protocols are based on an unconstrained central entity (i.e. Key
Management Server (KMS)), which is responsible for generating, distributing,
and updating the group key for the whole group. Authors in [15] introduced
the Group Key Management Protocol (GKMP), which is based on a Group
Key Packet (GKP). This latter encompasses a Group Trac Encryption Key
(GTEK) to secure data trac, and a Group Key Encryption Key (GKEK) to
secure transmissions related to rekeying operations. Following a leave event, the
central entity broadcasts the new GKP to all remaining members creating a
complexity of
O(n)
. This complexity makes GKMP not scalable with regards
to dynamic and large groups. To reduce the impact of leave events, authors in
[34] proposed an interval-based protocol, which generates the keying materials
corresponding to the predicted period of time during which the members are
expected to remain in the group. Doing so, following a leave event, no rekeying is
required. However, this solution is not suited to dynamic groups with unexpected
join and leave events, as predicting the leaving moment of members is neither
realistic nor practical. In addition, constrained members which are part of the
group for a long period of time might suer from storage issues, as a large number
of keying materials needs to be stored.
To further improve eciency, several hierarchical based protocols have been
proposed. Among them, the Logical Key Hierarchy (LKH) protocol [37], later
improved by the One-way Function Tree protocol [7] are typical examples. The
